svn commit: samba r14112 - in branches/SAMBA_3_0/source: auth smbd

jerry at samba.org jerry at samba.org
Thu Mar 9 22:31:40 GMT 2006


Author: jerry
Date: 2006-03-09 22:31:37 +0000 (Thu, 09 Mar 2006)
New Revision: 14112

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14112

Log:
* fix checks on return code from register_vuid() which could actually
  fail and we would still return success in the SMBsesssetup reply :-(
* Make sure to create the local token for the server_fino struct
  in reply_spnego_kerberos() so that register_vuid() does not fail.
  (how did this ever work?)





Modified:
   branches/SAMBA_3_0/source/auth/auth_util.c
   branches/SAMBA_3_0/source/smbd/password.c
   branches/SAMBA_3_0/source/smbd/sesssetup.c


Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_util.c	2006-03-09 22:31:05 UTC (rev 14111)
+++ branches/SAMBA_3_0/source/auth/auth_util.c	2006-03-09 22:31:37 UTC (rev 14112)
@@ -1301,8 +1301,6 @@
 {
 	if (guest_info != NULL)
 		return True;
-		
-	
 
 	return NT_STATUS_IS_OK(make_new_server_info_guest(&guest_info));
 }

Modified: branches/SAMBA_3_0/source/smbd/password.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/password.c	2006-03-09 22:31:05 UTC (rev 14111)
+++ branches/SAMBA_3_0/source/smbd/password.c	2006-03-09 22:31:37 UTC (rev 14112)
@@ -305,7 +305,7 @@
 		DEBUG(1, ("Failed to claim session for vuid=%d\n",
 			  vuser->vuid));
 		invalidate_vuid(vuser->vuid);
-		return -1;
+		return UID_FIELD_INVALID;
 	}
 
 	/* Register a home dir service for this user iff

Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/sesssetup.c	2006-03-09 22:31:05 UTC (rev 14111)
+++ branches/SAMBA_3_0/source/smbd/sesssetup.c	2006-03-09 22:31:37 UTC (rev 14112)
@@ -349,6 +349,21 @@
 			pdb_set_domain(server_info->sam_account, domain, PDB_SET);
 		}
 	}
+	
+	/* we need to build the token for the user. make_server_info_guest()
+	   already does this */
+	
+	if ( !server_info->ptok ) {
+		ret = create_local_token( server_info );
+		if ( !NT_STATUS_IS_OK(ret) ) {
+			SAFE_FREE(client);
+			data_blob_free(&ap_rep);
+			data_blob_free(&session_key);
+			TALLOC_FREE( mem_ctx );
+			TALLOC_FREE( server_info );
+			return ERROR_NT(ret);
+		}
+	}
 
 	/* register_vuid keeps the server info */
 	/* register_vuid takes ownership of session_key, no need to free after this.
@@ -357,7 +372,7 @@
 
 	SAFE_FREE(client);
 
-	if (sess_vuid == -1) {
+	if (sess_vuid == UID_FIELD_INVALID ) {
 		ret = NT_STATUS_LOGON_FAILURE;
 	} else {
 		/* current_user_info is changed on new vuid */
@@ -429,7 +444,7 @@
 		sess_vuid = register_vuid(server_info, session_key, nullblob, (*auth_ntlmssp_state)->ntlmssp_state->user);
 		(*auth_ntlmssp_state)->server_info = NULL;
 
-		if (sess_vuid == -1) {
+		if (sess_vuid == UID_FIELD_INVALID ) {
 			nt_status = NT_STATUS_LOGON_FAILURE;
 		} else {
 			
@@ -674,7 +689,7 @@
 	vuser = get_partial_auth_user_struct(vuid);
 	if (!vuser) {
 		vuid = register_vuid(NULL, data_blob(NULL, 0), data_blob(NULL, 0), NULL);
-		if (vuid == -1) {
+		if (vuid == UID_FIELD_INVALID ) {
 			return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
 		}
 	
@@ -1100,7 +1115,7 @@
 	data_blob_free(&nt_resp);
 	data_blob_free(&lm_resp);
 
-	if (sess_vuid == -1) {
+	if (sess_vuid == UID_FIELD_INVALID) {
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 



More information about the samba-cvs mailing list